Srinagar: ATM “jackpotting”, a cyber-physical fraud where criminals force machines to spit out cash without a real transaction, is emerging as a serious global threat, and experts warn Indian banks must stay alert.
Recently, the Federal Bureau of Investigation (FBI) reported a sharp spike in such attacks in the United States, with over 700 cases in 2025 and losses exceeding $20 million. Security analysts say similar tactics could be attempted anywhere, including India, if safeguards are weak.
What Is ATM Jackpotting?
In jackpotting, criminals:
- Break open the ATM cabinet using stolen or generic keys
- Install malware by replacing the hard drive or inserting a USB device
- Override the system and command the machine to dispense cash
A well-known malware strain called Ploutus, first detected in 2013, is often linked to such attacks. It allows criminals to directly control the ATM’s cash dispenser.
Are Indian Customers at Risk?
Unlike card skimming or phishing, jackpotting does not usually target individual bank accounts. The primary loss is suffered by banks and ATM operators, not customers.
However, customers may face:
- Temporary ATM shutdowns
- Cash shortages in affected areas
- Service disruptions during investigations
What Banks in India Can Do
Security experts recommend:
- Upgrading ATM locks and physical security
- Installing tamper-detection sensors and CCTV coverage
- Allowing only approved software to run on ATM systems
- Monitoring USB ports and unusual system activity
- Training staff to detect signs of tampering
What Customers Should Watch For
If you notice:
- Loose or damaged panels
- Unusual devices attached to the ATM
- Visible pry marks or suspicious activity
- Report it immediately to the bank or local authorities.
As India continues expanding its ATM and digital banking network, experts say strengthening physical and cyber security together is key to preventing such high-tech cash thefts.
